It turns out that our mobile networks may not be the safest. The 4G LTE standard has vulnerabilities that could allow a hacker to intercept data that is being transferred on the networks. Researchers at the Korea Advanced Institute of Science and Technology Constitution (KAIST) have discovered 51 vulnerabilities with the 4G LTE standard—this includes 15 known issues and 36 new and previously undiscovered flaws with the standard.
The vulnerabilities include how an attacker could disconnect a user from the network, something that would at first simply look like a dropped call to eavesdropping on conversations and also access as well as manipulate data that is being transferred. The researchers are planning to present these at the IEEE Symposium on Security and Privacy in May.
“LTEFuzz successfully identified 15 previously disclosed vulnerabilities and 36 new vulnerabilities in design and implementation among the differ- ent carriers and device vendors. The findings were categorized into five vulnerability types. We also demonstrated several attacks that can be used for denying various LTE services, sending phishing messages, and eavesdropping/manipulating data traffic. We performed root cause analysis of the identified problems by reviewing the related standard and interviewing collaborators of the carriers,” say the researchers in the report.
LTE network is the standard used by mobile operators in many countries, and is popularly known as 4G. Researchers say they will be sharing the LTEFuzz tool with mobile service providers and hardware makers including Qualcomm.
Comments
0 comment